Heap-based Buffer Overflow in winhlp32.exe via Malformed .hlp File

Heap-based Buffer Overflow in winhlp32.exe via Malformed .hlp File

CVE-2004-1361 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.